mirror of
https://git.freebsd.org/ports.git
synced 2025-06-23 21:50:32 -04:00
cbf318b29d
Major features included in the 3.0.25 code base are:
o Significant improvements in the winbind off-line logon support.
o Support for secure DDNS updates as part of the 'net ads join'
process.
o Rewritten IdMap interface which allows for TTL based caching and
per domain backends.
o New plug-in interface for the "winbind nss info" parameter.
o New file change notify subsystem which is able to make use of
inotify on Linux.
o Support for passing Windows security descriptors to a VFS
plug-in allowing for multiple Unix ACL implements to running
side by side on the Same server.
o Improved compatibility with Windows Vista clients including
improved read performance with Linux servers.
o Man pages for IdMap and VFS plug-ins.
Security Fixes included in the Samba 3.0.25 release are:
o CVE-2007-2444
Versions: Samba 3.0.23d - 3.0.25pre2
Local SID/Name translation bug can result in
user privilege elevation
o CVE-2007-2446
Versions: Samba 3.0.0 - 3.0.24
Multiple heap overflows allow remote code execution
o CVE-2007-2447
Versions: Samba 3.0.0 - 3.0.24
Unescaped user input parameters are passed as
arguments to /bin/sh allowing for remote command
execution
PR: ports/112836
Submitted by: maintainer
Approved by: portmgr (self)
11 lines
405 B
C
11 lines
405 B
C
--- ./nsswitch/pam_winbind.c.orig Mon Apr 9 19:30:57 2007
|
|
+++ ./nsswitch/pam_winbind.c Tue Apr 17 02:06:59 2007
|
|
@@ -1735,7 +1735,7 @@
|
|
ret = PAM_USER_UNKNOWN;
|
|
goto out;
|
|
case 0:
|
|
- pam_get_data( pamh, PAM_WINBIND_NEW_AUTHTOK_REQD, (const void **)&tmp);
|
|
+ pam_get_data( pamh, PAM_WINBIND_NEW_AUTHTOK_REQD, (void **)&tmp);
|
|
if (tmp != NULL) {
|
|
ret = atoi((const char *)tmp);
|
|
switch (ret) {
|